Design And Implementation Of Distributed Vulnerability Detection System Based On OVAL

Posted on: 2012-01-06
Degree: Master
Type: Thesis
Country: China
Candidate: T T Chen
GTID: 2178330332493372
Subject: Computer software and theory

Abstract/Summary:
As networked information systems become more widespread, vulnerability detection technology has become a focus of current network security research. Vulnerability detection tools can detect vulnerabilities in a computer system and provide patches to improve the security and reliability of the system. Currently, different vulnerability detection software adopts different standards for vulnerability definition libraries, compatibility between them is poor, and the range of supported operating systems is not comprehensive. This makes it difficult to provide a high-quality guarantee of the security of computer systems.

This paper is based on National Science and Technology Support Projects. It studies the current mainstream vulnerability detection technologies and discusses in depth the basic principles of OVAL (Open Vulnerability and Assessment Language). On this basis, it introduces an OVAL-based vulnerability detection framework and designs and implements a distributed vulnerability detection system based on OVAL that supports multiple platforms, multi-layer server deployment and a hybrid structure. The main work of this paper is as follows:

1) The development of vulnerabilities is discussed in detail, and the theories of vulnerability and vulnerability detection technology are systematically discussed and analyzed. International standards such as OVAL and CVSS are studied, a design scheme for an OVAL-based distributed vulnerability detection system is proposed, and the design goals, architecture, workflow and basic functions of the system are described in detail.

2) The main functions of the vulnerability detection system are implemented. The key technologies of the server and client are described in detail, and the vulnerability detection scheduling strategy based on host load is described in detail.

3) To solve the problems of low efficiency in server batch detection and the heavy impact on host load during detection, we propose dynamic vulnerability detection scheduling strategies based on host load, which improve the server's vulnerability detection efficiency and balance the host load caused by vulnerability detection.

4) To solve the problem of qualitatively analyzing the system hazard level caused by vulnerabilities, we propose a security warning strategy with a custom vulnerability threshold, based on the results of vulnerability detection and the CVSS vulnerability scoring system, which indicates the security vulnerability risk according to different thresholds of vulnerability hazard level.

Actual deployment and operation in a community services network demonstrate that the system is highly practical and flexible to deploy. Analysis of the results suggests that the system can perform comprehensive, accurate and efficient vulnerability detection on host systems.
Keywords/Search Tags:Vulnerability, Vulnerability Detection, OVAL, Scheduling Strategy, Vulnerability Definition Library